PuTTY vulnerability vuln-sshredder

summary: SSHredder test suite vulnerabilities (CERT CA-2002-36)class: vulnerability: This is a security vulnerability.difficulty: fun: Just needs tuits, and not many of them.priority: high: This should be fixed in the next release.present-in: 0.53fixed-in: 0.53b 2002-11-09 7c95ea19c88fc7a547184ed84276fb3a6e2a5ba1

PuTTY 0.53 and earlier are vulnerable to the attack described in
CERT advisory
CA-2002-36
"Multiple Vulnerabilities in SSH Implementations" (also
VU#389665). This
vulnerability is believed to be fixed in 0.53b (released Nov 12, 2002).

Certain well-chosen malformed or unusual packets can lead to
remote code execution attacks. See the
Rapid7 advisory
and their
SSHredder
test suite for details.